cpe:/a:hiniarata:casebook_plugin:0.9.2::~~~basercms~~ CVE-2016-1171 2016-04-06T19:59:06.737-04:00 2016-04-07T16:47:41.907-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2016-04-07T16:34:25.253-04:00 JVN JVN#13288761 JVNDB JVNDB-2016-000040 CONFIRM https://hiniarata.jp/news/archives/55 Cross-site scripting (XSS) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.